Monthly Archives: September 2007

Webscarab Tutorial Part 3 (fuzzing)

Part 2 covered the neat functionality of session ID analysis within Webscarab. Now we’ll focus on another great function within Webscarab, fuzzing. I define fuzzing as testing the input of an application by trying various parameters that the input may not expect. These parameters don’t have to be random, in my opinion […]

Defcon 15 videos released early

A good friend of mine named Eric Jenko, who is also in web application security, sent me a link this morning to RoySAC’s blog that contains videos of Defcon 15. Now Defcon does release videos of their presentations but it does take them some time to do so. Luckily Carsten over at RoySAC […]